[Pkg-clamav-devel] Bug#774686: ClamAV: Can't create new file

=?UTF-8?Q?B=C3=BCschel at buxtehude.debian.org =?UTF-8?Q?B=C3=BCschel at buxtehude.debian.org
Tue Jan 6 09:09:21 UTC 2015 

Package: clamav
Version: 0.98.5+dfsg-3
Severity: normal

Dear Maintainer,

On some files clamav reports an error.
Example:
root at host:~# clamscan projectlibre-1.5.9.msi
projectlibre-1.5.9.msi: Can't create new file ERROR

----------- SCAN SUMMARY -----------
Known viruses: 3721428
Engine version: 0.98.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Total errors: 1
Data scanned: 57.72 MB
Data read: 11.84 MB (ratio 4.88:1)
Time: 26.307 sec (0 m 26 s)

This file can be downloaded at http://sourceforge.net/projects/projectlibre/files/ProjectLibre/1.5.9/ or directly http://netcologne.dl.sourceforge.net/project/projectlibre/ProjectLibre/1.5.9/projectlibre-1.5.9.msi

On the filesystem there is enough space.
Root filesystem is ext4.
This error is not host specific, other hosts report the same error.
The same error occurs with HAVP and clamav as proxy filter with virus scan.
No third party databases are used.

An system with debian squeeze 6.0.10 (LTS enabled) and clamav-0.98.1+dfsg-1+deb6u4 doesn't report an error.


-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
StatsHostID = "auto"
StatsEnabled disabled
StatsPEDisabled = "yes"
StatsTimeout = "10"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups disabled
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "10"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
ScanOnAccess disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled

Config file: freshclam.conf
---------------------------
StatsHostID disabled
StatsEnabled disabled
StatsTimeout disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer = "10.10.10.10"
HTTPProxyPort = "3128"
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.98.5
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 JSON JIT

Database information
--------------------
Database directory: /var/lib/clamav
bytecode.cld: version 245, sigs: 43, built on Mon Jan  5 20:19:48 2015
daily.cld: version 19886, sigs: 1302719, built on Tue Jan  6 06:49:20 2015
main.cvd: version 55, sigs: 2424225, built on Tue Sep 17 16:57:28 2013
Total number of signatures: 3726987

Platform information
--------------------
uname: Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt2-1 (2014-12-08) x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GNU/Linux 8.0 (jessie)
zlib version: 1.2.8 (1.2.8), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: corei7-avx, Little-endian
platform id: 0x0a214f4f0804090201040902

Build information
-----------------
GNU C: 4.9.2 (4.9.2)
GNU C++: 4.9.2 (4.9.2)
CPPFLAGS: -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
CXXFLAGS:
LDFLAGS: -Wl,-z,relro
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' '--with-system-tommath' '--without-included-ltdl' '-with-system-llvm=/usr/bin/llvm-config' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 79, dconf: 79

--- data dir ---
total 144956
-rw-r--r-- 1 clamav clamav   365056 Jan  5 20:57 bytecode.cld
-rw-r--r-- 1 clamav clamav 83331072 Jan  6 06:59 daily.cld
-rw-r--r-- 1 clamav clamav 64720632 Nov 10 14:48 main.cvd
-rw------- 1 clamav clamav      676 Nov 10 14:14 mirrors.dat

-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages clamav depends on:
ii  clamav-freshclam [clamav-data]  0.98.5+dfsg-3
ii  libc6                           2.19-13
ii  libclamav6                      0.98.5+dfsg-3
ii  libcurl3                        7.38.0-3
ii  libssl1.0.0                     1.0.1j-1
ii  zlib1g                          1:1.2.8.dfsg-2+b1

Versions of packages clamav recommends:
ii  clamav-base  0.98.5+dfsg-3

Versions of packages clamav suggests:
pn  clamav-docs  <none>

-- no debconf information




regards

Uwe Büschel
INTER-FORUM AG
Sommerfelder Straße 120
04316 Leipzig

Telefon:         0341 25920-99
Fax:             0341 25920-20

E-Mail:          uwe.bueschel at inter-forum.de
WWW:             http://www.inter-forum.de

Registergericht: Amtsgericht Leipzig
Registernummer:  HRB 18238
Vorstand:        Jan Schaller (Vors.), Dr. Jörg Härtwig
Aufsichtsrat:    Thomas Joschko (Vors.)
USt-IdNr.:       DE141624398
IK:              661430035

More information about the Pkg-clamav-devel mailing list